X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FSpecialEmailuser.php;h=8995eb5dc83bda7935645b4a24e6923c8de9c434;hb=6f21ad753541913e02164425c71292ce89b5eda0;hp=5fac3c89af136f1fe56ca3f9d915271f1a7b5017;hpb=0332f4c59809e5a89f626e8969cd76261819f432;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/SpecialEmailuser.php b/includes/SpecialEmailuser.php index 5fac3c89af..8995eb5dc8 100644 --- a/includes/SpecialEmailuser.php +++ b/includes/SpecialEmailuser.php @@ -1,138 +1,225 @@ showErrorPage( "nosuchspecialpage", "nospecialpagetext" ); + return; + } -function wfSpecialEmailuser() -{ - global $wgUser, $wgOut, $action, $target; - - if ( 0 == $wgUser->getID() || - ( false === strpos( $wgUser->getEmail(), "@" ) ) ) { - $wgOut->errorpage( "mailnologin", "mailnologintext" ); + if( !$wgUser->canSendEmail() ) { + wfDebug( "User can't send.\n" ); + $wgOut->showErrorPage( "mailnologin", "mailnologintext" ); return; } - $target = wfCleanQueryVar( $target ); + + $action = $wgRequest->getVal( 'action' ); + $target = isset($par) ? $par : $wgRequest->getVal( 'target' ); if ( "" == $target ) { - $wgOut->errorpage( "notargettitle", "notargettext" ); + wfDebug( "Target is empty.\n" ); + $wgOut->showErrorPage( "notargettitle", "notargettext" ); return; } + $nt = Title::newFromURL( $target ); - $nu = User::newFromName( $nt->getText() ); - $id = $nu->idForName(); + if ( is_null( $nt ) ) { + wfDebug( "Target is invalid title.\n" ); + $wgOut->showErrorPage( "notargettitle", "notargettext" ); + return; + } - if ( 0 == $id ) { - $wgOut->errorpage( "noemailtitle", "noemailtext" ); + $nu = User::newFromName( $nt->getText() ); + if( is_null( $nu ) || !$nu->canReceiveEmail() ) { + wfDebug( "Target is invalid user or can't receive.\n" ); + $wgOut->showErrorPage( "noemailtitle", "noemailtext" ); return; } - $nu->setID( $id ); - $address = $nu->getEmail(); - if ( ( false === strpos( $address, "@" ) ) || - ( 1 == $nu->getOption( "disablemail" ) ) ) { - $wgOut->errorpage( "noemailtitle", "noemailtext" ); + if ( $wgUser->isBlockedFromEmailUser() ) { + // User has been blocked from sending e-mail. Show the std blocked form. + wfDebug( "User is blocked from sending e-mail.\n" ); + $wgOut->blockedPage(); return; } - $fields = array( "wpSubject", "wpText" ); - wfCleanFormFields( $fields ); - $f = new EmailUserForm( $nu->getName() . " <{$address}>" ); + $f = new EmailUserForm( $nu ); + + if ( "success" == $action ) { + $f->showSuccess( $nu ); + } else if ( "submit" == $action && $wgRequest->wasPosted() && + $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) + { + # Check against the rate limiter + if( $wgUser->pingLimiter( 'emailuser' ) ) { + $wgOut->rateLimited(); + return; + } - if ( "success" == $action ) { $f->showSuccess(); } - else if ( "submit" == $action ) { $f->doSubmit(); } - else { $f->showForm( "" ); } + $f->doSubmit(); + } else { + $f->showForm(); + } } +/** + * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message. + * @addtogroup SpecialPage + */ class EmailUserForm { - var $mAddress; - - function EmailUserForm( $addr ) - { - $this->mAddress = $addr; + var $target; + var $text, $subject; + var $cc_me; // Whether user requested to be sent a separate copy of their email. + + /** + * @param User $target + */ + function EmailUserForm( $target ) { + global $wgRequest; + $this->target = $target; + $this->text = $wgRequest->getText( 'wpText' ); + $this->subject = $wgRequest->getText( 'wpSubject' ); + $this->cc_me = $wgRequest->getBool( 'wpCCMe' ); } - function showForm( $err ) - { - global $wgOut, $wgUser, $wgLang; - global $wpSubject, $wpText, $target; + function showForm() { + global $wgOut, $wgUser; + $skin = $wgUser->getSkin(); $wgOut->setPagetitle( wfMsg( "emailpage" ) ); - $wgOut->addWikiText( wfMsg( "emailpagetext" ) ); + $wgOut->addWikiMsg( "emailpagetext" ); - if ( ! $wpSubject ) { $wpSubject = wfMsg( "defemailsubject" ); } + if ( $this->subject === "" ) { + $this->subject = wfMsgForContent( "defemailsubject" ); + } $emf = wfMsg( "emailfrom" ); - $sender = $wgUser->getName(); + $senderLink = $skin->makeLinkObj( + $wgUser->getUserPage(), htmlspecialchars( $wgUser->getName() ) ); $emt = wfMsg( "emailto" ); - $rcpt = str_replace( "_", " ", urldecode( $target ) ); + $recipientLink = $skin->makeLinkObj( + $this->target->getUserPage(), htmlspecialchars( $this->target->getName() ) ); $emr = wfMsg( "emailsubject" ); $emm = wfMsg( "emailmessage" ); $ems = wfMsg( "emailsend" ); + $emc = wfMsg( "emailccme" ); + $encSubject = htmlspecialchars( $this->subject ); - $action = wfLocalUrlE( $wgLang->specialPage( "Emailuser" ), - "target={$target}&action=submit" ); + $titleObj = SpecialPage::getTitleFor( "Emailuser" ); + $action = $titleObj->escapeLocalURL( "target=" . + urlencode( $this->target->getName() ) . "&action=submit" ); + $token = htmlspecialchars( $wgUser->editToken() ); - if ( "" != $err ) { - $wgOut->setSubtitle( wfMsg( "formerror" ) ); - $wgOut->addHTML( "

{$err}\n" ); - } - $wgOut->addHTML( "

+ $wgOut->addHTML( "

- - - +
{$emf}:{$sender}
+ + - - + + - - + - - - -
{$emf}:{$senderLink}
{$emt}:{$rcpt}{$emt}:{$recipientLink}
{$emr}: - +{$emr}: +
{$emm}: - -
  - -
+ + +
 + +" . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "
+ +
\n" ); } - function doSubmit() - { - global $wgOut, $wgUser, $wgLang, $wgOutputEncoding; - global $wpSubject, $wpText, $target; - - $from = wfQuotedPrintable( $wgUser->getName() ) . " <" . $wgUser->getEmail() . ">"; - $to = wfQuotedPrintable( $this->mAddress ); - - $headers = - "MIME-Version: 1.0\r\n" . - "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" . - "Content-transfer-encoding: 8bit\r\n" . - "From: {$from}\r\n" . - "Reply-To: {$from}\r\n" . - "To: {$to}\r\n" . - "X-Mailer: MediaWiki interuser e-mailer"; - mail( $this->mAddress, wfQuotedPrintable( $wpSubject ), $wpText, $headers ); - - - $success = wfLocalUrl( $wgLang->specialPage( "Emailuser" ), - "target={$target}&action=success" ); - $wgOut->redirect( $success ); + function doSubmit() { + global $wgOut, $wgUser, $wgUserEmailUseReplyTo; + + $to = new MailAddress( $this->target ); + $from = new MailAddress( $wgUser ); + $subject = $this->subject; + + if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) { + + if( $wgUserEmailUseReplyTo ) { + // Put the generic wiki autogenerated address in the From: + // header and reserve the user for Reply-To. + // + // This is a bit ugly, but will serve to differentiate + // wiki-borne mails from direct mails and protects against + // SPF and bounce problems with some mailers (see below). + global $wgPasswordSender; + $mailFrom = new MailAddress( $wgPasswordSender ); + $replyTo = $from; + } else { + // Put the sending user's e-mail address in the From: header. + // + // This is clean-looking and convenient, but has issues. + // One is that it doesn't as clearly differentiate the wiki mail + // from "directly" sent mails. + // + // Another is that some mailers (like sSMTP) will use the From + // address as the envelope sender as well. For open sites this + // can cause mails to be flunked for SPF violations (since the + // wiki server isn't an authorized sender for various users' + // domains) as well as creating a privacy issue as bounces + // containing the recipient's e-mail address may get sent to + // the sending user. + $mailFrom = $from; + $replyTo = null; + } + + $mailResult = UserMailer::send( $to, $mailFrom, $subject, $this->text, $replyTo ); + + if( WikiError::isError( $mailResult ) ) { + $wgOut->addHTML( wfMsg( "usermailererror" ) . + ' ' . htmlspecialchars( $mailResult->getMessage() ) ); + } else { + + // if the user requested a copy of this mail, do this now, + // unless they are emailing themselves, in which case one copy of the message is sufficient. + if ($this->cc_me && $to != $from) { + $cc_subject = wfMsg('emailccsubject', $this->target->getName(), $subject); + if( wfRunHooks( 'EmailUser', array( &$from, &$from, &$cc_subject, &$this->text ) ) ) { + $ccResult = UserMailer::send( $from, $from, $cc_subject, $this->text ); + if( WikiError::isError( $ccResult ) ) { + // At this stage, the user's CC mail has failed, but their + // original mail has succeeded. It's unlikely, but still, what to do? + // We can either show them an error, or we can say everything was fine, + // or we can say we sort of failed AND sort of succeeded. Of these options, + // simply saying there was an error is probably best. + $wgOut->addHTML( wfMsg( "usermailererror" ) . + ' ' . htmlspecialchars( $ccResult->getMessage() ) ); + return; + } + } + } + + $titleObj = SpecialPage::getTitleFor( "Emailuser" ); + $encTarget = wfUrlencode( $this->target->getName() ); + $wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) ); + wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $this->text ) ); + } + } } - function showSuccess() - { - global $wgOut, $wgUser; + function showSuccess( &$user ) { + global $wgOut; $wgOut->setPagetitle( wfMsg( "emailsent" ) ); $wgOut->addHTML( wfMsg( "emailsenttext" ) ); - $wgOut->returnToMain( false ); + $wgOut->returnToMain( false, $user->getUserPage() ); } } -?>